Use Greengrass OPC-UA to Communicate with Industrial Equipment

Greengrass supports OPC-UA, an information exchange standard for industrial communication.
OPC-UA
allows you to ingest and process messages from industrial equipment and deliver them
to devices in your
Greengrass group or to the cloud based on rules you define.

The Greengrass implementation of OPC-UA supports certificate-based authentication.
It is based on an
open source implementation, and is fully customizable. You can also bring your own
implementation of
OPC-UA, and implement your own support for other custom, legacy, and proprietary messaging
protocols.

In this section we will cover the following steps:

Connect to an existing OPC-UA server.

Monitor an existing OPC-UA node within that server.

Get called back when the monitored node's value changes.

Architectural Overview

Greengrass implements OPC-UA as a Lambda function in NodeJS. Since Lambda functions
running on
Greengrass cores have access to network resources, you can create Lambda functions
that proxy
information from your existing OPC-UA servers over TCP to other functions or services
in your
Greengrass group.

You can configure Greengrass to have a long-lived connection to your OPC-UA server(s),
and, using
OPC-UA Subscriptions, you can have your OPCUA_Adapter Lambda function monitor changes
to pre-defined
nodes. Any change to those nodes triggers a Publish event from the OPC-UA server,
which will be
received by your Lambda function, and republished into predefined topic names.

The topic structure is constructed as follows:

Set Up a Test OPC-UA Server

Use the following commands to set up a test OPC-UA server. Or, if you
already have an OPC-UA server you'd like to use instead, you may skip this step.

Note:This Lambda function uses the node-opcua library
(v0.0.64), which attempts to re-generate some model files at runtime. That doesn't
work when
running as a Lambda function on Greengrass, because Lambda functions start with a
Read-Only
file system, so any code trying to generate other code would not work. The next step
fixes this.

Change the file at node_modules/node-opcua/lib/misc/factories.js: line 109 to
this:

Change the configSet variable inside the index.js file of the OPC-UA
Lambda function to contain the server IP and Port that you want to connect to, as
well as the
node Ids you would like to monitor. By default it comes with the following example
configuration:

In this case, we are connecting to an OPC-UA server running on the same host as our
Greengrass
Core, on port 26543, and monitoring one node that has an OPC-UA Id
'ns=1;s=PumpSpeed'.

Configure the authentication mode

The OPC-UA library used in
this example supports three modes of Authentication to your OPC-UA server. The most
secure
method is Certificate Based Authentication, but the library also allows you to specify
username/password or no authentication.

Here is how to set Certificate Based Authentication:

Package your certificate and private key with your Lambda function, for example under
a
directory named certs/.

As described in the Architecture section, your Lambda function
should start receiving messages from your OPC-UA server. If you are using your own
custom OPC-UA server,
make sure you trigger a change in the OPC-UA node Id you specified, so that you see
the change received
by your Lambda function. If you are using the example server above, the PumpSpeed
node is configured to
simulate a series of consecutive updates, so you should expect your Lambda function
to receive multiple
messages a second.

You can see messages received by your Lambda function in one of two ways:

Watch the Lambda function’s logs

You can view the logs from your Lambda function by running the following command:

Since messages are forwarded to the cloud, make sure you terminate either the example
server you
configured above, or stop the Greengrass core, so that you don't end up publishing
a lot of
messages to IoT cloud and getting charged for them!

Next Steps

With Greengrass, you can use this same architecture to create your own implementation
of OPC-UA, and
also implement your own support for custom, legacy, and proprietary messaging protocols.
Since Lambda
functions running on Greengrass cores have access to network resources, you can use
them to implement
support for any protocol that rides on top of TCP-IP. In addition, you can also take
advantage of
Greengrass Local Resource Access to implement support for protocols that need access
to hardware
adapters/drivers.

Javascript is disabled or is unavailable in your browser.

To use the AWS Documentation, Javascript must be enabled. Please refer to your browser's
Help pages for instructions.